IT disaster recovery, cloud computing and information security news

Three quarters of vulnerabilities currently exploited by ransomware groups were discovered before 2020

Details
Published: Friday, 17 February 2023 12:27

The importance of a strong patch management strategy has been highlighted by a new report which shows that the majority of vulnerabilities used by ransomware actors have been known about for years.

The report, ‘2023 Spotlight Report: Ransomware Through the Lens of Threat and Vulnerability Management’, highlights that more than 76 percent of vulnerabilities still being exploited by ransomware were discovered between 2010 and 2019.

The report also identified 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022 marking a 19 percent increase year-over-year.

Other top findings from the Cyber Security Works (CSW), Ivanti, Cyware, and Securin report include:

  • Scanners are not detecting all threats: popular scanners do not detect 20 vulnerabilities associated with ransomware.
  • More APT groups are launching ransomware attacks: CSW observed more than 50 advanced persistent threat (APT) groups deploying ransomware to launch attacks - a 51 percent increase from 33 in 2020.
  • Many vulnerabilities have not yet been added to CISA’s KEV list: While the CISA Known Exploited Vulnerabilities (KEVs) catalog contains 8661 vulnerabilities, 131 of the vulnerabilities associated with ransomware are yet to be added.
  • Multiple software products are affected by open-source issues: reusing open-source code in software products replicates vulnerabilities.
  • Common Vulnerability Scoring System (CVSS) scores may mask risks: the study found 57 ransomware-associated vulnerabilities with low and medium-sized scores that are associated with infamous ransomware families and can wreak havoc on an organization and disrupt business continuity.

“Our survey findings indicate that knowledge has not translated to power for many organizations,” said Aaron Sandeen, CEO and Co-founder of CSW and Securin. “IT and security teams are being tripped up by open-source, old, and low-scoring vulnerabilities associated with ransomware. IT and security teams will want to scrutinize both in-house and vendor software to identify and remediate vulnerabilities before deploying new solutions and patch existing software as soon as vulnerabilities are announced.”

More details.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

Root Cause Analysis
The Impact Tolerance Guide

Additional Resources

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.